Legal and Ethical Issues in Computer Security


1 Legal and Ethical Issues in Computer Security
Csilla Farkas Associate Professor

2 Attack Sophistication vs. Intruder Technical Knowledge
[Figure: Attack Sophistication and Intruder Knowledge, on a Low-to-High scale, for Tools and Attackers over 1980-2000. Labelled items: password guessing, self-replicating code, password cracking, exploiting known vulnerabilities, disabling audits, back doors, hijacking sessions, sweepers, sniffers, packet spoofing, GUI, automated probes/scans, denial of service, www attacks, "stealth" / advanced scanning techniques, burglaries, network mgmt. diagnostics, distributed attack tools, cross site scripting, staged attack. Copyright: CERT, 2000]
Law and Ethics

3 Law and Computer Security
- International, national, state, and city laws: affect privacy and secrecy
- Laws: regulate the use, development, and ownership of data and programs
- Laws: affect actions that can be taken to protect the secrecy, integrity, and availability of computing resources

4 Lack of Legislation
- Reactive procedures
- Improper acts not addressed
- Lack of technical expertise of legal personnel

5 Protection of Computer Systems
- Protecting computing systems against criminals
- Protecting code and data
- Protecting programmers’ and employers’ rights
- Protecting users of programs

6 Protecting Programs and Data
- Copyright
- Patents
- Trade secrets

7 Copyrights
- Protect the expression of ideas
- 1978: U.S. copyright law
- Updated in 1998: Digital Millennium Copyright Act (DMCA) – deals with computers and other electronic media
- Give the copyright holder the exclusive right to make copies of the expression and sell them to the public
- Simple procedure to register copyright
- U.S. copyright expires 70 years beyond the death of last surviving holder

8 Intellectual Property
- Copyright
  - Does not cover the idea being expressed
  - Applies to original work and it must be in some tangible medium of expression
  - Originality of work!

9 Fair Use
- The purchaser has the right to use the product in the manner for which it was intended and in a way that does not interfere with the author’s right.
- Piracy
- First sale
- Copyright infringement

10 Copyright for Digital Objects
- Digital Millennium Copyright Act
  - Digital objects can be copyrighted
  - It is a crime to circumvent or disable anti-piracy functionality
  - It is a crime to manufacture, sell, or distribute devices that disable anti-piracy functionality or that copy digital objects
  - Exempt: when used for educational and research purposes
  - It is legal to make a backup to protect against loss
  - Libraries can make three backups

11 Patents
- Protects inventions – results of science, technology, and engineering
- Requirement of novelty
  - Truly novel and unique → only one patent for a given invention
  - Non-obvious
- U.S. Patent and Trademark Office: register patent
- Patent attorney: verifies that the invention has not been patented and identifies similar inventions

12 Patent Infringement
- Copyright: holder can decide which violations to prosecute
- Patent: all violations must be prosecuted or patent can be lost
- Suing for patent infringement may cause the patent owner to lose the patent. Infringer may argue that:
  - This isn’t infringement (different inventions)
  - The patent is invalid (a prior infringement was not opposed)
  - The invention is not novel
  - The infringer invented the object first

13 Trade Secret
- Information that gives one company a competitive edge over the others
- Must always be kept secret
- If someone obtains it improperly, the owner can recover
  - Profits
  - Damages
  - Lost revenues
  - Legal cost
- Reverse Engineering!

14 Protection of Computer Objects
Columns: Copyright / Patent / Trade Secret
- Protects: Expression of idea / Invention / A secret
- Protected object made public: Yes No
- Requirement to distribute
- Ease of filing: Very easy / Very complicated / No filing
- Duration: Life of human originator + 70 years / 19 years / Indefinite
- Legal protection: Sue – unauthorized copy / Sue – invention copied / Sue – unauthorized access

15 Computer Crime
- Least clear area of law in computing
- Separate category for computer crime
  - No access to the physical object → Is it a serious crime?
  - Rules of evidence → How to prove the authenticity?
  - Threats to integrity and confidentiality → How to measure loss of privacy?
  - Value of data → How to measure it?

16 Why Computer Crime is Hard to Prosecute?
- Lack of understanding
- Lack of physical evidence
- Lack of recognition of assets
- Lack of political impact
- Complexity of case
- Age of defendant

17 Laws for Computer Crime
- U.S. Computer Fraud and Abuse Act
- U.S. Economic Espionage Act
- U.S. Electronic Fund Transfer Act
- U.S. Freedom of Information Act
- U.S. Privacy Act
- U.S. Electronic Communication Privacy Act
- Gramm-Leach-Bliley Act
- HIPAA
- USA Patriot Act
- CAN SPAM Act

18 Ethical Issues
- Ethic: objectively defined standard of right and wrong
- Ultimately, each person is responsible for deciding what to do in a specific situation
- Ethical positions can and often do come into conflict

19 Ethics vs. Law

| Law | Ethics |
|---|---|
| Formal, written document | Unwritten principles |
| Interpreted by courts | Interpreted by each individual |
| Established by legislatures | Presented by philosophers, religious, professional groups |
| Applicable to everyone | Personal choice |
| Priority decided by court | Priority determined by individual |
| Court makes final decision | No external decision maker |
| Enforceable by police and courts | Limited enforcement |

20 Additional Materials
- Additional materials on Information Assurance are available at the CIAE web site

